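// Return the position of the highest set bit in UintVal, found by locating
//  the most significant nonzero byte and delegating to HighestBitSet() for
//  that byte, then adding the byte's bit offset (24, 16, 8 or 0).
//  Returns 0 when UintVal is 0, because no byte branch is taken.
//
// Fix: each byte must be shifted down BEFORE it is narrowed to unsigned char.
//  The previous form (e.g. "unsigned char Byte1 = UintVal & 0xff00;") kept the
//  bits in place and the narrowing conversion dropped them, so Byte1..Byte3
//  were always zero and only bits 0-7 of UintVal were ever examined.
unsigned int HighestBitSetInUint(uint32_t UintVal) {
	unsigned int RetVal = 0;
	unsigned char Byte0 = static_cast<unsigned char>(UintVal & 0xff);
	unsigned char Byte1 = static_cast<unsigned char>((UintVal >> 8) & 0xff);
	unsigned char Byte2 = static_cast<unsigned char>((UintVal >> 16) & 0xff);
	unsigned char Byte3 = static_cast<unsigned char>((UintVal >> 24) & 0xff);
	// Test the most significant byte first so the first nonzero byte wins.
	if (Byte3 > 0) {
		RetVal = HighestBitSet(Byte3) + 24;
	}
	else if (Byte2 > 0) {
		RetVal = HighestBitSet(Byte2) + 16;
	}
	else if (Byte1 > 0) {
		RetVal = HighestBitSet(Byte1) + 8;
	}
	else if (Byte0 > 0) {
		RetVal = HighestBitSet(Byte0);
	}
	return RetVal;
}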

// Look up the fine-grained (sign/size) info that the return register of a
//  library function is known to carry, keyed by the function's name
//  (e.g. atoi() returns a signed integer, strtoul() an unsigned long).
//  Known names copy the table entry into InitFGInfo; unknown names leave
//  InitFGInfo with SignMiscInfo and SizeInfo both zeroed.
void GetLibFuncFGInfo(string FuncName, struct FineGrainedInfo &InitFGInfo) {
	map<string, struct FineGrainedInfo>::const_iterator Entry = ReturnRegisterTypeMap.find(FuncName);
	bool KnownLibFunc = (Entry != ReturnRegisterTypeMap.end());

	if (KnownLibFunc) {
		InitFGInfo = Entry->second;
	}
	else {
		// Not a function we have a return type for: clear both fields so the
		//  caller does not see stale values left over from a previous use.
		InitFGInfo.SignMiscInfo = 0;
		InitFGInfo.SizeInfo = 0;
	}
} // end of GetLibFuncFGInfo()

// Is FuncName a standard library function name?
//  A name counts as a library function if it appears as a key in any of the
//  per-function tables consulted below (return register type, pointer-arg
//  position, taint-warning arg position, unsigned-arg position, integer error
//  call sink), or if one of the family predicates (stdio, math, stdlib) or the
//  explicit "setuid" check accepts it. The order of the lookups only affects
//  how early we return true, not the result.
bool IsLibFuncName(std::string CalleeName) {
	// Return true if we find the name in any of our function type maps.

	map<string, struct FineGrainedInfo>::iterator RetTypeIter = ReturnRegisterTypeMap.find(CalleeName);
	if (RetTypeIter != ReturnRegisterTypeMap.end()) { // found
		return true;
	}

	map<string, unsigned int>::iterator PtrArgIter = PointerArgPositionMap.find(CalleeName);
	if (PtrArgIter != PointerArgPositionMap.end()) { // found it
		return true;
	}

	map<string, unsigned int>::iterator TaintIter = TaintWarningArgPositionMap.find(CalleeName);
	if (TaintIter != TaintWarningArgPositionMap.end()) { // found it
		return true;
	}

	map<string, unsigned int>::iterator UnsignedIter = UnsignedArgPositionMap.find(CalleeName);
	if (UnsignedIter != UnsignedArgPositionMap.end()) { // found it
		return true;
	}

	map<string, string>::iterator SinkIter = IntegerErrorCallSinkMap.find(CalleeName);
	if (SinkIter != IntegerErrorCallSinkMap.end()) { // found it
		return true;
	}

	// Put searches for additional library function names here.
	//  "setuid" has no entry in the tables above, so it is matched by name;
	//  the Is*LibraryFunc() helpers are defined elsewhere and presumably hold
	//  the remaining per-family name lists — confirm before relying on that.
	if (0 == CalleeName.compare("setuid")) {
		return true;
	}
	else if (IsStdioLibraryFunc(CalleeName)) {
		return true;
	}
	else if (IsMathLibraryFunc(CalleeName)) {
		return true;
	}
	else if (IsStdlibLibraryFunc(CalleeName)) {
		return true;
	}

// Is FuncName a startup func called before main(), or a wrapup function called by the system?
bool IsStartupFuncName(const std::string FuncName) {
	bool NameMatched = false;
	char IDA_func_name[STARS_MAXSTR];
	std::size_t SkipCount;

	SkipCount = strspn(FuncName.c_str(), "._");
	std::string TempFuncName = FuncName.substr(SkipCount); // remove leading periods and underscores

	if (0 == TempFuncName.compare("init_proc")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("init")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("start")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("gmon_start")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("call_gmon_start")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("libc_start_main")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("call_gmon_start__")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("libc_start_main__")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("libc_csu_init")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("libc_csu_fini")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("do_global_dtors_aux")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("term_proc")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("fini")) {
		NameMatched = true;
	}
	else if (0 == TempFuncName.compare("frame_dummy")) {
		NameMatched = true;
	}